<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
use App\Models\Permission;


class AuthToken
{
    public function handle($request, Closure $next)
    {

        if(Auth::check()){

            $user = $request->user();

            $route = $request->server()['REQUEST_URI'];


            if($user->id == 1){
               return $next($request);
            }

            if(Permission::check($user,$route)){
                return $next($request);
            }else{
                abort(403);
            }

        }else{
            abort(401);
        }
    }
}
